[libvirt PATCH 07/10] qemu/lxc: plumb isolatedPort from config down through bridge attachment

Ján Tomko jtomko at redhat.com
Tue Feb 18 17:46:05 UTC 2020


On Sun, Feb 16, 2020 at 11:22:56PM -0500, Laine Stump wrote:
>This patch pushes the isolatedPort setting from the <interface> down
>all the way to the callers of virNetDevBridgeAddPort(), and sets
>BR_ISOLATED on the port (using virNetDevBridgePortSetIsolated()) after
>the port has been successfully added to the bridge.
>
>Signed-off-by: Laine Stump <laine at redhat.com>
>---
> src/bhyve/bhyve_command.c   |  1 +
> src/conf/domain_conf.c      |  1 +
> src/lxc/lxc_process.c       | 10 ++++++++++
> src/network/bridge_driver.c |  1 +
> src/qemu/qemu_hotplug.c     | 16 ++++++++++++++++
> src/qemu/qemu_interface.c   |  1 +
> src/util/virnetdevtap.c     | 17 ++++++++++++++++-
> src/util/virnetdevtap.h     |  3 +++
> tests/bhyvexml2argvmock.c   |  1 +
> 9 files changed, 50 insertions(+), 1 deletion(-)
>
>diff --git a/src/qemu/qemu_hotplug.c b/src/qemu/qemu_hotplug.c
>index 6395826c69..af892255c7 100644
>--- a/src/qemu/qemu_hotplug.c
>+++ b/src/qemu/qemu_hotplug.c
>@@ -3350,12 +3350,28 @@ qemuDomainChangeNetBridge(virDomainObjPtr vm,
>     }
>
>     ret = virNetDevBridgeAddPort(newbridge, olddev->ifname);
>+    if (ret == 0 &&
>+        virDomainNetGetActualPortOptionsIsolated(newdev) == VIR_TRISTATE_BOOL_YES) {
>+
>+        ret = virNetDevBridgePortSetIsolated(newbridge, olddev->ifname, true);
>+        if (ret < 0) {
>+            virErrorPtr err;
>+
>+            virErrorPreserveLast(&err);
>+            ignore_value(virNetDevBridgeRemovePort(newbridge, olddev->ifname));
>+            virErrorRestore(&err);
>+        }
>+    }
>     virDomainAuditNet(vm, NULL, newdev, "attach", ret == 0);
>     if (ret < 0) {
>         virErrorPtr err;
>
>         virErrorPreserveLast(&err);
>         ret = virNetDevBridgeAddPort(oldbridge, olddev->ifname);
>+        if (ret == 0 &&
>+            virDomainNetGetActualPortOptionsIsolated(olddev) == VIR_TRISTATE_BOOL_YES) {
>+            ignore_value(virNetDevBridgePortSetIsolated(newbridge, olddev->ifname, true));

Should this use 'oldbridge' instead of 'newbridge'?

>+        }
>         virDomainAuditNet(vm, NULL, olddev, "attach", ret == 0);
>         virErrorRestore(&err);
>         return -1;

Reviewed-by: Ján Tomko <jtomko at redhat.com>

Jano
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/libvir-list/attachments/20200218/40123e38/attachment-0001.sig>


More information about the libvir-list mailing list